FIWARE Docker Container Service (FDCS)
The FIWARE Docker Container Service (FDCS) exposes the docker API so that FIWARE tenants can use their locally docker client to remotely manage their docker resources, i.e. containers, volumes, networks, etc. However tenants are insulated from each other so they can only manage docker resources, that they have created. In addition to exposing the regular Docker capabilities FDCS provides authorization and authentication capabilities which allows it to support tenant isolation between different FIWARE accounts. The multi-tenant Docker support is integrated with FIWARE Keystone service and its existing accounts definitions. The service also provides support for name scoping between tenants such that tenants can use the same docker resource names without interfering with each other.
FDCS is deployed on the FIWARE Lab at docker.lab.fiware.org:2376 so users can get its benefits by simply applying for admission to the service. Alternatively, FDCS can be installed on-premises so a site can deploy docker containers on their private FDCS cluster.
FDCS Getting StartedThis presentation introduces the FIWARE Docker Container Service (FDCS) and describes how you can start using the service. FDCS allows you to manage your docker containers, volumes, and networks remotely from your local Docker client.
You do not have to worry about creating or managing docker hosts, since the service maintains a cluster of docker hosts that you can use.
Many tenants may share the service’s resources, but they are isolated from each other.
FDCS Multi-Tenant Isolation, Name Scoping, User Defined Overlay Network, and User Defined NFS Volumes
This lesson introduces the FIWARE Docker Container Service (FDCS) support for:
- Multi-Tenant Isolation
- Multi-Tenant Name Scoping
- User Defined Overlay Networks
- User Defined NFS Volumes